<!-- Start -->
<h3 style="color:purple" id="dos-aliases"><b>Denial of Service :: Aliases based Attack</b></h3>
<hr />
<h5>Problem Statement</h5>
<p>In GraphQL, it is possible to run multiple queries in a single request without batching them together, by giving each one an alias.</p>
<p>Even if batching is disabled, a single query can be composed of multiple aliases that call the same query or mutation. If the server does not analyze the cost of the query, an expensive operation repeated under different aliases can overwhelm the server's resources.</p>
<p>Two defenses apply:</p>
<ul>
  <li>Query Middleware</li>
  <li>Query Cost Analysis</li>
</ul>
<p><b>Query Middleware</b> is needed to identify the use of aliases so that a decision (reject or allow) can be made according to your business logic.</p>
<p><b>Query Cost Analysis</b> will be beneficial against these attacks, since each aliased call adds to the total cost of the query.</p>
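<p>The alias-counting check that such a query middleware could run before execution, as an added example that is not part of this page or of any GraphQL library. It uses only the standard library; the sample query, the default limits and the function names are assumptions.</p>

```python
import re
from collections import Counter
# Constructed sample: the aliased query from the solution on this page plus
# an argument (public: true), which must not be mistaken for an alias.
SAMPLE_QUERY = """query {
  q1: systemUpdate
  q2: systemUpdate
  q3: systemUpdate
  pastes(public: true) { id }
}"""

TOKEN_RE = re.compile(
    r'#[^\n]*|"""[\s\S]*?"""|"(?:\\.|[^"\\\n])*"|[A-Za-z_][A-Za-z0-9_]*|\S')
NAME_RE = re.compile(r'[A-Za-z_][A-Za-z0-9_]*')

def tokenize(query):
    """Tokenize a GraphQL document, dropping comments and strings so that a
    ':' inside them is never taken for an alias separator."""
    return [t for t in TOKEN_RE.findall(query)
            if not (t.startswith('#') or t.startswith('"'))]

def count_aliases(query):
    """Map each aliased field name to how many times it is aliased. An alias
    is NAME ':' NAME outside parentheses; inside them ':' separates an
    argument or variable name from its value or type."""
    tokens = tokenize(query)
    depth, aliases = 0, Counter()
    for i, tok in enumerate(tokens):
        if tok == '(':
            depth += 1
        elif tok == ')':
            depth -= 1
        elif tok == ':' and depth == 0 and 0 < i < len(tokens) - 1:
            alias, field = tokens[i - 1], tokens[i + 1]
            if NAME_RE.fullmatch(alias) and NAME_RE.fullmatch(field):
                aliases[field] += 1
    return aliases

def check_alias_abuse(query, max_total=10, max_per_field=2):
    """Middleware decision made before execution: (allowed, reason).
    The default limits are assumed; tune them to your schema's field costs."""
    aliases = count_aliases(query)
    total = sum(aliases.values())
    if total > max_total:
        return False, f"{total} aliases exceed the limit of {max_total}"
    for field, n in aliases.most_common():
        if n > max_per_field:
            return False, f"'{field}' aliased {n} times (limit {max_per_field})"
    return True, "ok"
```

<p>Running <code>check_alias_abuse(SAMPLE_QUERY)</code> rejects the three-alias query above, while a query that aliases two different users is allowed because the limits are per field as well as in total.</p>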
<h5>Resources</h5>
<ul>
    <li>
      <a href="https://graphql.org/learn/queries/#aliases" target="_blank">
        <i class="fa fa-newspaper"></i> GraphQL - Aliases
      </a>
    </li>
    <li>
      <a href="https://graphql-ruby.org/queries/complexity_and_depth.html" target="_blank">
        <i class="fa fa-newspaper"></i> Ruby GraphQL - Complexity and Depth
      </a>
    </li>
</ul>
<h5>Exploitation Solution <button class="reveal" onclick="reveal('sol-dos-aliases')">Show</button></h5>
<div id="sol-dos-aliases" style="display:none">
  <pre class="bash">
# Beginner mode
# q1, q2 and q3 represent the aliases.

query {
  q1: systemUpdate
  q2: systemUpdate
  q3: systemUpdate
}</pre>
</div>
<!-- End -->